Pegasystem Pega Platform 安全漏洞

Pegasystem Pega Platform is a suite of application development platforms from the American company Pegasystem. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making and CRM Customer Relationship Management. A security...

VulnCheck KEV: CVE-2021-21389

BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in...

WordPress Theme WoodMart 跨站脚本漏洞

WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress theme is a theme for WordPress. A cross-site scripting vulnerability exists in WordPress Theme WoodMart 7.2.1 and earlier...

TYPO3 代码问题漏洞

TYPO3 is a free and open source content management system framework CMS/CMF of the Swiss TYPO3 Typo3 Association. A server-side request forgery vulnerability exists in TYPO3 versions prior to 7.2.1, which stems from a failure to check the legitimacy of a request. An attacker can exploit this...

WordPress WaspThemes Visual CSS Style Editor plugin cross-site request forgery vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in the WordPress WaspThemes Visual CSS Style Editor plugin...